Ok, This is a little bit off topic for the mail list. Assuming as you say, you don’t spam…
You may be included in a RBL if you reside on a net block that has a spammer on it. So while your domain isn’t spamming, if your next door virtual neighbor is… you’re SOL (Shit Out of Luck) until you ask your ISP to move you to another net block, or you find a different Provider. You can run a check on your MX Server… there are a couple of web sites that do this… and I think one or two will identify the RBLs that include you. Now, if you have a spammer on your server… 1) Are you an open relay? (Check with one of the MX sites to validate your configuration) 2) Do you host other domains? Anyone of those domains could be listed which means your IP addresses are listed. 3) You said you have a mailing list. a) How do people subscribe to the list? b) What’s the purpose of the list? c) How do you let people unsubscribe? d) Do you comply with the ‘CAN-SPAM’ law (which isn’t much or that good of a law) The reason you will find those who run the RBLs to be less than responsive is that Spam has been an ongoing problem for almost 30 years. (Wasn’t the Cantor-Siegel green card spam in ’88 or was it ’89?) Spamhaus has been around for roughly 20 years. (I met Steve in Madison WI, 19 years ago at a dinner meeting) I’m sure that every RBL list maintainer has heard every excuse in book including pink contracts from ISPs, which resulted in the IDP (Internet Death Penalty) being created. While I’ve since moved on and have forgotten what little I knew of Mail Servers, there are things that you should be able to do. In theory, you can track your outbound email and run a simple counter based on the sender’s info. If you have a spammer on your network, you would be able to see how many emails they send, and how many bcc’s are on each email. Another thing you can do is to check the domain registration of your clients. If the domain registration information is bogus, its a good sign you have a spammer. If the domain registration is blocked, then you should look a little deeper since you’re hosting the domain. (If you’re in country A, and the person buying access is in country B, that’s another ‘red’ flag. ) That’s pretty much common sense. Most of the RBLs implement an auto aging policy. Meaning if they don’t get a report that you’re spamming, they will automatically remove your IP from the list unless of course someone else in your netblock is spamming. Then you need to move, maybe even to a new ISP. HTH -Mike > On May 1, 2017, at 3:44 PM, li...@lazygranch.com wrote: > > I did a whois on your domain, checked the Trend Micro list, and it was not > found. > > Replies to this email will be no different than your previous email. > Basically all you can do is request the block be removed. These RBLs have > little sympathy for those they block. > > My best solution for non-reposnse RBLs is to get them removed from any email > server that I care about. When you contact an administrator and show that you > pass a hundred RBLs, they will either drop the offending RBL that has false > positives or whitelist your domain. > > Out of three problem RBLs, only one admitted they were the problem and > cleared me. > > When I first set up my email server, I thought the more RBLs the better. > Eventually I learned less is more. > Original Message > From: Matteo Cazzador > Sent: Monday, May 1, 2017 3:36 AM > To: postfix users > Subject: Trace spam activity on mail server > > Hi, i need an help. A Trend micro QIL list re-include Continuously my > mail server (Linux Centos). > > All other list not include my ip. > > TrendMicro don't give me specific motivation. > > I don't see in postfix log any meaningful spam activities. > > There is a method to trace eventually spam activity don't logged? > > Or a web application or local to monitor my mail server activities? > > Examples: connections on 25/587 port that are not logged by postfix? > > I trace all php mail function script but, i don't see any activities for > now. > > I dont see any NDR o backscatter activities. > > I do not know what to do.... > > Thanks > > -- > Rispetta l'ambiente: se non ti è necessario, non stampare questa mail. > > Le informazioni contenute in questa e-mail e nei files eventualmente allegati > sono destinate unicamente ai destinatari della stessa e > sono da considerarsi strettamente riservate. E' proibito copiare, salvare, > utilizzare, inoltrare a terzi e diffondere il contenuto della presente > senza il preventivo consenso, ai sensi dell'articolo 616 c.p. e della Legge > n. 196/2003. Se avete ricevuto questo messaggio per errore siete > pregati di comunicarlo immediatamente all'indirizzo mittente, nonché di > cancellarne il contenuto senza procedere ad ulteriore o differente > trattamento. > > > ****************************************** > Ing. Matteo Cazzador > NetLite snc di Cazzador Gagliardi > Corso Vittorio Emanuele II, 188 37069 > Villafranca di Verona VR > Tel 0454856656 > Fax 0454856655 > Email: mat...@netlite.it > Web: http://www.netlite.it > ****************************************** >
